From a03932372b0906a340a6e3860c87e45f9ec79042 Mon Sep 17 00:00:00 2001 From: Tom Sepez Date: Mon, 26 Jan 2015 16:51:21 -0800 Subject: Fix infinite recursion in CPDF_Parser::ParseIndirectObjectAt(). A suitably corrupted file can cause the parser(s) to repeatedly re-read sections of the file at increasing parser recursion depth until the stack is exhausted. There is supposed to be a check for this based upon the parser "level", but not all call paths pass or update the level as required. Much as I hate per-class statics, this introduces one to track the depth so that the check is enforced no matter how screwy the call path might be that leads the parser to re-enter itself. This is more palatable than trying to find all these paths and fix them. We know this is OK since there is only one thread in here modifying the static. BUG=451830 R=thestig@chromium.org Review URL: https://codereview.chromium.org/875263002 --- core/include/fxcrt/fx_basic.h | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'core/include/fxcrt') diff --git a/core/include/fxcrt/fx_basic.h b/core/include/fxcrt/fx_basic.h index 62324f5b2a..7ad44c6b4d 100644 --- a/core/include/fxcrt/fx_basic.h +++ b/core/include/fxcrt/fx_basic.h @@ -1414,6 +1414,21 @@ protected: CFX_DataFilter* m_pDestFilter; }; + +template +class CFX_AutoRestorer { +public: + explicit CFX_AutoRestorer(T* location) { + m_Location = location; + m_OldValue = *location; + } + ~CFX_AutoRestorer() { *m_Location = m_OldValue; } + +private: + T* m_Location; + T m_OldValue; +}; + template class CFX_SmartPointer { -- cgit v1.2.3